RE: addslashes + stripslashes + mysql question

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

turn of magic quotes or test for it before using addslashes

Bastien

From: "Petzo" <petzo@xxxxxxxxx>
To: php-db@xxxxxxxxxxxxx
Subject:  addslashes + stripslashes + mysql question
Date: Mon, 16 May 2005 11:20:41 +0300

Hi,

    My question is about the norlmal behaviour of PHP and MYSQL but I cant
explain it without a simple example. Thank you for reading:

    I have the following code:
--------------------------------------------------------------------
<?php
print $t = $_POST['txt'];
print $t = addslashes($t);

   @ $db = mysql_pconnect(xxx,xxx,xxx);
   mysql_select_db('test');

   $q = "update ttable set ffield='$t'";
   mysql_query($q);

   $q = "select * from ttable";
   $result = mysql_query($q);
   $bo = mysql_fetch_array($result);

print $t = $bo['ffield'];
print $t = stripslashes($t);
?>
--------------------------------------------------------------------


from a HTML form I send variable:
--------------------------------------------------------------------
' \ \' \\ \\\
--------------------------------------------------------------------

after addshashes it becomes:
--------------------------------------------------------------------
\' \\ \\\' \\\\ \\\\\\
--------------------------------------------------------------------

after that it gets in the database

but after I get it out it becomes:
--------------------------------------------------------------------
' \ \' \\ \\\
--------------------------------------------------------------------
(without the backslashes!)

and ofcourse after stripslashes it gets messed-up:
--------------------------------------------------------------------
' ' \ \
--------------------------------------------------------------------

So my question is if this is a normal behaviour for PHP+MYSQL or it may vary
indifferent conficurations or versions of both php or mysql.
It's not a bad thing to be like that but I wonder if my code will behave the
same at most systems.

Thank you very much

--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[Index of Archives]     [PHP Home]     [PHP Users]     [Postgresql Discussion]     [Kernel Newbies]     [Postgresql]     [Yosemite News]
  Powered by Linux